Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for December 5, 2013
Deadline scheduling: coming soon?
LWN.net Weekly Edition for November 27, 2013
ACPI for ARM?
LWN.net Weekly Edition for November 21, 2013
Which is, generally, a good solution for people with servers that use a lot of server-side scripting anyways.
Posted Jun 25, 2009 4:53 UTC (Thu) by khim (subscriber, #9252)
So the easy solution, I suppose, is just to use Lighttpd or
something like that as a reverse proxy for your Apache
And of course when you send static pages it makes perfect sense to use
sendfile(2) and forget about everything (nginx does more or less that -
a few small structures to handle "keep alive" connections).
That's why I can not see what's so important happened: this is
well-known apache problem but while it can not be solved with apache alone
it can be solved with additional software - and was solved for years
by real admins on millions of systems.
Apache attacked by a "slow loris"
Posted Jun 28, 2009 20:38 UTC (Sun) by job (guest, #670)
Any simple select-loop (or poll)-based web server would do. But as soon as you serve dynamic content in any way, be it via PHP or any other language, the problem is back again. Most (all?) web site languages are served by worker processes, either built into the web server or stand alone pre-forked.
Disarming the attack only on static file URLs is not really a solution. The attack would probably choose apparent dynamic URLs such as .php if this was a real world attack anyway.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds